CebuPac’s GetGo app hacked, says no credit card info compromised

Gokongwei-owned
budget carrier Cebu Pacific confirmed Thursday, April 25, that there was an “unauthorized
access” in the application server of GetGo, its loyalty rewards program.

In
a statement, Cebu Pacific said credit card information was not stored on the server.
The breach happened Wednesday night, April 24.

“As
a precaution, we have temporarily disabled log-in using GetGo credentials to
the cebupacificair.com website and mobile app, both of which remain secure,”
the statement said.

The
airline said all GetGo online channels have also been temporarily disabled as it
continues to investigate the matter.

“We
have informed the National Privacy Commission, and are working with them on the
investigation,” the company added.

The
NPC, on the other hand, confirmed it has already received the notification sent
by Cebu Pacific but is still awaiting updates regarding the “extent and nature”
of the breach.

“We
have instructed the company’s Data Protection Officer (DPO), Randall
Evangelista, to also ascertain if there is a need to inform affected data
subjects of the breach, along with specific precautions and other measures they
may take to protect themselves. We have instructed Evangelista to personally
report tomorrow to the NPC complaints and investigation team,” the agency said.

We strive to bring to local readers all the ICT news and product information relevant to the Philippines. We seek to cover the whole ICT spectrum — from consumer to the enterprise. READ MORE ABOUT NEWSBYTES.PH